Insight

Taking a strategic approach to risk management

March 2017

When we think of risk we usually think of danger and the chance of something bad happening. This then gives you two things to consider: the likelihood of it happening and the potential damage it may cause.

Nevertheless, most successful business people understand that taking risks is essential. They also understand the premise that risk and return work in tandem: the higher the return you're looking for, the more risk you need to take.

Risk management and its role in corporate governance

The way we've just defined risk is relevant to the way we examine it in a strategic context and how we deal with it from a governance point of view. In particular, once you've defined your corporate mission, strategies and objectives, you must identify the risks that threaten these aims and then decide the steps you'll take to mitigate those risks. Indeed, when you define your business strategies you must actively consider your appetite for risk and how much risk you are prepared to tolerate. After all, there is no point setting a business strategy or objective if you are unwilling to tolerate the risk you need to take to achieve it.

To develop the right risk management and control processes it is useful for all stakeholders to discuss the issues and reflect on the main factors that will determine your approach to risk management. In this sense, it is important to consider modern environmental factors that now significantly affect any approach to risk management. These include:

Technology

IT and fraud related risk

Environmental changes and natural disasters

International politics

Interest rates and foreign exchange fluctuations

Inconsistent energy supplies

Uncertain employment markets

Business failures.

These risk factors have led companies to manage risk in a more systematic and interdisciplinary way using complementary and alternative solutions to the traditional ones, which merely transferred risk to the insurance sector using insurance policies.

An evolving international regulatory framework

Evolving international regulation may see new corporate governance rules aimed at improving the transparency of performance indicators and related risk factors.

The perception of the international political and financial community supports this view. In its 2015 Global Risks Report, the World Economic Forum (WEF) stated:

"...in a world where risks transcend borders and sectors, the motivations underlying the Global Risks report at its inception in 2005 - to shed a light on global risks and help to create a shared understanding of the most pressing issues, the ways they interconnect and their potential impacts - are more relevant than ever."

Environmental and political risks dominate

Perhaps unsurprisingly, given the global financial crisis, economic risk was at the forefront between 2007 and 2014. In 2015, economic risk took a back seat in favour of:

Potential water crisis

Global spread of infectious disease

Weapons of mass destruction

Inter-state conflicts

Failure to deal with climate change.

Managing risk in a global context

These issues are sufficiently important to make assessing risk in a global context extremely relevant to risk and control governance. An external environment characterised more and more by an increasing level of complexity results in a progressive broadening of perspective among those responsible for internal controls. This means you must focus on your company's long-term goals and the strategies you intend to follow by answering these two questions:

1. Does your business have the necessary resources to pursue its goals?

In conclusion, those who have to deal with managing risk and internal controls must broaden their perspective: as well as understanding individual processes they must also develop a deep understanding of their business's policy and strategy.